The tech company that maintains the hotel check-in system set its cloud storage to public, allowing anyone to access customers' data without a password.
Eu is working on a digital wallet that would (among other things) help with this.
Afaik It has a tiered information/identity structure, where the lowest level is: “is this a human being” (as an alternative to captcha)
Then you could have age. (Just “is this person above %age”) Response would be just yes/no
Then spesific age, nationality etc etc.
You get the prompt, where it says what data they are asking for and you can concent or decline.
The source of authority would be the nation you are a citizen of, the origin of data would be obscured through EU proxies, and data would only be transferred if you approve the transaction from your app.
It’s a pretty big and ambitious project and could eventually lead to a lot easier transfer of sensitive data, where you are in control of who gets what and less need to store local copies of sensitive data. (An example usecase is for instance confirming a prescription to a drug for a pharmacy while traveling abroad).
Biggest risk as i see is people confirming data request without scrutiny. There needs to be mechanisms to aggressively revoke the ability to ask for data if abused. And I would assume the requirements to what org can ask for high tier data are really strict.
Eu is working on a digital wallet that would (among other things) help with this.
Afaik It has a tiered information/identity structure, where the lowest level is: “is this a human being” (as an alternative to captcha)
Then you could have age. (Just “is this person above %age”) Response would be just yes/no
Then spesific age, nationality etc etc.
You get the prompt, where it says what data they are asking for and you can concent or decline.
The source of authority would be the nation you are a citizen of, the origin of data would be obscured through EU proxies, and data would only be transferred if you approve the transaction from your app.
It’s a pretty big and ambitious project and could eventually lead to a lot easier transfer of sensitive data, where you are in control of who gets what and less need to store local copies of sensitive data. (An example usecase is for instance confirming a prescription to a drug for a pharmacy while traveling abroad).
Biggest risk as i see is people confirming data request without scrutiny. There needs to be mechanisms to aggressively revoke the ability to ask for data if abused. And I would assume the requirements to what org can ask for high tier data are really strict.
Going to be interesting to see what comes of it.